Force RSA-SHA2 Host Key Exchange

Advertisement

Guest

Force RSA-SHA2 Host Key Exchange

I am trying to get WinSCP 5.21.6 to use RSA-SHA2. I have moved up the RSA algorithms in Advanced -> SSH -> Key Exchange tab for the session properties.

It still will only connect at ssh-rsa 2048. I have cleared keys, but it didn't change anything.

Is there a way to force/limit/select which protocols I want to use in the client?

Thank you.

Reply with quote

Advertisement

Guest

Re: Force RSA-SHA2 Host Key Exchange

I can connect with PuTTY, but it also only connects via SSH RSA and not RSA SHA.

The server is set up to accept SSH RSA, RSA SHA256, and RSA SHA512, in that order. How do I force an exchange algorithm?

Reply with quote

Advertisement

martin
Site Admin
martin avatar

Re: Force RSA-SHA2 Host Key Exchange

I'm confused. It's the client that picks the algorithm, not the server. And I'm not aware of "RSA SHA512" KEX. Are you really sure this is about "KEX exchange" and not "host key"?
How exactly is the server "server is set up to accept SSH RSA, RSA SHA256, and RSA SHA512"? What server is that?

Reply with quote

Armin
Guest

Is it possible to limit the KEX options that is available?

For security reason, they only want a few specific KEX to be used not all.

But I don't know how to remove the other options.

Thanks

Reply with quote

Advertisement

You can post new topics in this forum